Mangelnde Prüfung von Umgebungsvariablen in Python
ID: | FEDORA-2016-c843c68c77 |
Distribution: | Fedora |
Plattformen: | Fedora 25 |
Datum: | So, 28. August 2016, 00:11 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110 |
Applikationen: | Python |
Originalnachricht |
|
Name : python3 Product : Fedora 25 Version : 3.5.1 Release : 15.fc25 URL : http://www.python.org/ Summary : Version 3 of the Python programming language aka Python 3000 Description : Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. -------------------------------------------------------------------------------- Update Information: Fix for CVE-2016-1000110 HTTPoxy attack -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359177 - CVE-2016-1000110 python3: Python CGIHandler: sets environmental variable based on user supplied Proxy request header [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1359177 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update python3' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org |